<?php

/**
 *      [品牌空间] (C)2001-2010 Comsenz Inc.
 *      This is NOT a freeware, use is subject to license terms
 *
 *      $Id: report.php 5671 2011-03-07 07:12:59Z xuhui $
 */

require_once('./common.php');

$result = '';
$id = intval($_REQUEST['id']);
$type = trim($_REQUEST['type']);
if(!in_array($type, array('shop', 'album', 'good', 'notice', 'consume', 'groupbuy'))) {
    showmessage("<div class=\"alert_info\" style=\"margin:10px;\"><p>" . $lang["correctinfo_type_error"] . "</p></div>");
}
$action = trim($_REQUEST['action']);
$reasonid = intval($_REQUEST['reasonid']);

$allowedactions = array('report', 'correctinfo', 'claimshop', 'moreshops');
if(!in_array($action, $allowedactions)) {
	exit("<div class=\"alert_info\" style=\"margin:10px;\"><p>" . $lang['correctinfo_illegal_action'] . "</p></div>");
}

if(empty($_G['uid'])) {
	echo "<div class=\"alert_info\" style=\"margin:10px;\"><p>" . $lang['correctinfo_notlogin'] . "</p></div>";
	exit;
}

if($action == 'report') {
	if(submitcheck('reportsubmit')) {
		$reason = shtmlspecialchars(trim($_POST['reason']));
		if(bstrlen($reason) < 1 || bstrlen($reason) > 250) {
			$result = 'message_length';
		} elseif(empty($reasonid) || $reasonid < 0) {
			$result = 'notselect_reasonid';
		} else {
			if(!$_G['myshopid']) {
				if(!empty($id) && !empty($type)) {
					if(DB::result_first("SELECT rid FROM ".DB::table('reportlog')." WHERE type='$type' AND itemid='$id' AND uid='$_G[uid]'")) {
						$result = 'only_allowto_report_once';
					} else {
						$shopid = ($type == 'shop') ? $id : DB::result_first("SELECT shopid FROM ".DB::table($type.'items')." WHERE itemid='$id'");
						if($shopid) {
							$setsqlarr = array(
								'type' => $type,
								'itemid' => $id,
								'uid' => $_G['uid'],
								'username' => $_G['username'],
								'status' => 1,
								'reasonid' => $reasonid,
								'reason' => $reason,
								'shopid' => $shopid,
								'dateline' => $_G['timestamp']
							);
							$rid = inserttable('reportlog', $setsqlarr, 1);
							if($rid) {
								DB::query("UPDATE ".DB::table($type.'items')." SET displayorder=displayorder+1, reportnum=reportnum+1 WHERE itemid='$id'");
							}
							$result = 'report_success';
						} else {
							$result = 'no_item_in_shop';
						}
					}
				} else {
					$result = 'not_get_datas';
				}
			} else {
				$result = 'manager_notallowto_report';
			}
		}
		$_G['inajax'] = 1;
		showmessage("<div class=\"alert_info\" style=\"margin:10px;\"><p>" . $lang["$result"] . "</p></div>");
	} else {
		$reasonarr = array();
		$query = DB::query("SELECT * FROM ".DB::table("reportreasons")." ORDER BY rrid ASC;");
		while($reason = DB::fetch($query)) {
			$reasonarr[] = $reason;
		}
	}

} elseif($action == 'correctinfo') {
	if(submitcheck('formhash')) {
		if(!empty($_G['setting']['commenttime']) && !ckfounder($_G['uid']) && ($_G['timestamp'] - $_G['member']['lastcommenttime'] < $_G['setting']['commenttime'])) {
			$result = 'correctinfo_isflood';
		} else {
			$reason = saddslashes(trim($_POST['reason']));
			if(bstrlen($reason) < 1 || bstrlen($reason) > 250) {
				$result = 'message_length';
			} else {
				if(!empty($id) && !empty($type)) {
					$shopid = ($type == 'shop') ? $id : DB::result_first("SELECT shopid FROM ".DB::table($type.'items')." WHERE itemid='$id'");
					if($shopid) {
						$setsqlarr = array(
							'type' => $type,
							'itemid' => $id,
							'shopid' => $shopid,
							'uid' => $_G['uid'],
							'username' => $_G['username'],
							'reason' => $reason,
							'status' => 0,
							'dateline' => $_G['timestamp']
						);
						inserttable('correctioninfos', $setsqlarr);
						updatetable('members', array('updatetime'=>$_G['timestamp'], 'lastcommenttime'=>$_G['timestamp']), array('uid'=>$_G['uid']));
						$result = 'report_success';
					} else {
						$result = 'no_item_in_shop';
					}
				} else {
					$result = 'not_get_datas';
				}
			}
		}
		$_G['inajax'] = 1;
		showmessage("<div class=\"alert_info\" style=\"margin:10px;\"><p>" . $lang["$result"] . "</p></div>");
	}

} elseif($action == 'moreshops') {

	$perpage = 10;
	$page = intval($_GET['page']);
	if($page == 0) $page = 1;
	$start = ($page - 1) * $perpage;
	$myshops = array_slice($_G['myshopsarr'], $start, $perpage);

	$multi = multi($_G['member']['shopcount'], $perpage, $page, 'report.php?action=moreshops');

} elseif($action == 'claimshop') {
	$claimshopmsg = $_G['setting']['claimshopmsg'];
	exit("<div class=\"alert_info\" style=\"margin:10px;\"><p>" . $claimshopmsg . "</p></div>");
}

if($action == 'moreshops') {
	include template('templates/site/default/'.$action.'.html.php', 1);
} else {
	include template('templates/store/default/'.$action.'.html.php', 1);
}

?>